Do you have a question? Post it now! No Registration Necessary. Now with pictures!
June 25, 2006, 2:09 am
rate this thread
Re: iptables TARPIT
By not replying at all. Those protocols are not connection-oriented, so
you couldn't freeze scanners much, anyway. By the way, don't forget
that each frozen TARPIT connection actually uses resources on your
system. I don't think that it allows DoS attacks, but for older
systems, this may be a stability problem. I wouldn't use it for now,
and instead just keep DROP-ing unwanted packets. There is some reason
for the TARPIT target not to be in the stable releases.
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security